[Samba] Samba 4 LDAP NTLM password nightly injection
Luc Lalonde
luc.lalonde at polymtl.ca
Wed Mar 27 17:38:05 MDT 2013
Hello Andrew,
How would I convert the below base16 strings into raw bytes acceptable to this routine? We presently inject the NTLM passwords directly into our LDAP database for Samba3.
Also, I can't seem to figure out the argument values for 'passdb.PDB'. I tried 'ldb', 'samba_dsdb'.
Thanks for your help!
On 2013-03-27, at 6:18 PM, Andrew Bartlett <abartlet at samba.org> wrote:
> On Tue, 2013-03-26 at 11:10 -0400, Luc Lalonde wrote:
>> Hello Andrew,
>>
>> I'm finally diving into this project...
>>
>> First off, my sysadmin stuff is mostly in Perl. So my Python is rudimentary at best.
>>
>> Here we go anyway... I've looked at the 'upgrade.py' but I can't seem to figure out how to connect to the Samba4 passwd database.
>>
>> In the script I see these lines:
>>
>> #######################################################
>> # Connect to samba4 backend
>> s4_passdb = passdb.PDB(new_lp_ctx.get("passdb backend"))
>> ########################################################
>>
>> I would appreciate a hint on how to connect to the database please. Where is the 'passdb' object referenced from?
>>
>> Once that's done, from what I understand, I should be able to change the passwords directly:
>>
>> #######################################################
>> # Change foo-user password
>> admin_userdata = s4_passdb.getsampwnam("foo-user")
>> admin_userdata.nt_passwd = "878D8014606CDA29677A44EFA1353FC7"
>> admin_userdata.lanman_passwd = "552902031BEDE9EFAAD3B435B51404EE"
>> s4_passdb.update_sam_account(admin_userdata)
>> #######################################################
>
> Sort of. Those values are not base16 strings, but raw bytes, but
> otherwise that looks pretty much right at a first glance.
>
> Andrew Bartlett
>
> --
> Andrew Bartlett http://samba.org/~abartlet/
> Authentication Developer, Samba Team http://samba.org
>
>
More information about the samba
mailing list